SRX Services Gateway
Reply
Visitor
ControlZNetwork
Posts: 5
Registered: ‎03-03-2010
0

Dynamic VPN problem on SRX240lm

Hello,

I have a problem with the configuration of a srx240lm.
If the customer is in another internal network connects to the DynamicVPN correctly. If I try to connect from a PC on the Internet, Juniper Networks Access Manager is not just connected with Juniper, I accept the certificate and enter the username, then stays in Connecting to server ..
What is the problem?

thanks

Trusted Contributor
groque1
Posts: 254
Registered: ‎09-09-2009
0

Re: Dynamic VPN problem on SRX240lm

Try restarting web managment thats what I would do and check the dyn VPN config for that user. Make sure you have an ACL for that user from the untrust-to-trust zone and specifying the user to be tunneled through

Visitor
ControlZNetwork
Posts: 5
Registered: ‎03-03-2010
0

Re: Dynamic VPN problem on SRX240lm

hello, I try your solution but has not been settled

my error is: Xauth succeeds but the connection is never established
 

 

I Verify the IKE and IPSec SA and tunnel sessions are established.
root @ SRX240 # run show security ike security-associations
 
Index    Remote Address     State         Initiator coockie  Responder cookie  Mode

              IP pc Internet            DOWN                                                                        Aggressive 

 

 

thanks :smileywink:


Distinguished Expert
rkim
Posts: 755
Registered: ‎11-06-2007
0

Re: Dynamic VPN problem on SRX240lm

IKE shows as down. Do you see any output from 'show security ipsec security-associations'? Also check your kmd log to see if there are any error messages there. It may also help to post your VPN configurations for review.

 

-Richard

Visitor
ControlZNetwork
Posts: 5
Registered: ‎03-03-2010
0

Re: Dynamic VPN problem on SRX240lm

Hello rkim!

 

the complete configuration of Dynamic-VPn is here.

 

http://blog.controlzeta.net/?p=440

 

and in this post I have placed a network scheme

 

thanks

Copyright© 1999-2013 Juniper Networks, Inc. All rights reserved.